Filtered by vendor Samsung
Subscribe
Total
1188 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-25367 | 1 Samsung | 1 Notes | 2024-11-21 | 5.5 MEDIUM | 3.7 LOW |
| Path Traversal vulnerability in Samsung Notes prior to version 4.2.00.22 allows attackers to access local files without permission. | |||||
| CVE-2021-25366 | 1 Samsung | 1 Internet | 2024-11-21 | 3.6 LOW | 3.2 LOW |
| Improper access control in Samsung Internet prior to version 13.2.1.70 allows physically proximate attackers to bypass the secret mode's authentication. | |||||
| CVE-2021-25355 | 1 Samsung | 1 Notes | 2024-11-21 | 4.6 MEDIUM | 5.5 MEDIUM |
| Using unsafe PendingIntent in Samsung Notes prior to version 4.2.00.22 allows local attackers unauthorized action without permission via hijacking the PendingIntent. | |||||
| CVE-2021-25354 | 1 Samsung | 1 Internet | 2024-11-21 | 6.8 MEDIUM | 3.3 LOW |
| Improper input check in Samsung Internet prior to version 13.2.1.46 allows attackers to launch non-exported activity in Samsung Browser via malicious deeplink. | |||||
| CVE-2021-25353 | 1 Samsung | 1 Galaxy Themes | 2024-11-21 | 3.6 LOW | 5.5 MEDIUM |
| Using empty PendingIntent in Galaxy Themes prior to version 5.2.00.1215 allows local attackers to read/write private file directories of Galaxy Themes application without permission via hijacking the PendingIntent. | |||||
| CVE-2021-25352 | 1 Samsung | 1 Bixby Voice | 2024-11-21 | 4.6 MEDIUM | 5.5 MEDIUM |
| Using PendingIntent with implicit intent in Bixby Voice prior to version 3.0.52.14 allows attackers to execute privileged action by hijacking and modifying the intent. | |||||
| CVE-2021-25351 | 2 Google, Samsung | 2 Android, Account | 2024-11-21 | 2.1 LOW | 3.2 LOW |
| Improper Access Control in EmailValidationView in Samsung Account prior to version 10.7.0.7 and 12.1.1.3 allows physically proximate attackers to log out user account on device without user password. | |||||
| CVE-2021-25350 | 2 Google, Samsung | 2 Android, Account | 2024-11-21 | 2.1 LOW | 2.0 LOW |
| Information Exposure vulnerability in Samsung Account prior to version 12.1.1.3 allows physically proximate attackers to access user information via log. | |||||
| CVE-2021-25349 | 2 Google, Samsung | 2 Android, Slow Motion Editor | 2024-11-21 | 4.6 MEDIUM | 5.5 MEDIUM |
| Using unsafe PendingIntent in Slow Motion Editor prior to version 3.5.18.5 allows local attackers unauthorized action without permission via hijacking the PendingIntent. | |||||
| CVE-2021-25348 | 1 Samsung | 1 Internet | 2024-11-21 | 2.1 LOW | 2.1 LOW |
| Improper permission grant check in Samsung Internet prior to version 13.0.1.60 allows access to files in internal storage without authorized STORAGE permission. | |||||
| CVE-2021-25345 | 2 Google, Samsung | 2 Android, Exynos | 2024-11-21 | 4.9 MEDIUM | 4.0 MEDIUM |
| Graphic format mismatch while converting video format in hwcomposer prior to SMR Mar-2021 Release 1 results in kernel panic due to unsupported format. | |||||
| CVE-2021-25343 | 2 Google, Samsung | 2 Android, Members | 2024-11-21 | 2.1 LOW | 4.0 MEDIUM |
| Calling of non-existent provider in Samsung Members prior to version 2.4.81.13 (in Android O(8.1) and below) and 3.8.00.13 (in Android P(9.0) and above) allows unauthorized actions including denial of service attack by hijacking the provider. | |||||
| CVE-2021-25342 | 2 Google, Samsung | 2 Android, Members | 2024-11-21 | 2.1 LOW | 4.0 MEDIUM |
| Calling of non-existent provider in SMP sdk prior to version 3.0.9 allows unauthorized actions including denial of service attack by hijacking the provider. | |||||
| CVE-2021-25341 | 1 Samsung | 1 S Assistant | 2024-11-21 | 2.1 LOW | 4.0 MEDIUM |
| Calling of non-existent provider in S Assistant prior to version 6.5.01.22 allows unauthorized actions including denial of service attack by hijacking the provider. | |||||
| CVE-2021-25339 | 2 Google, Samsung | 2 Android, Exynos 9830 | 2024-11-21 | 2.1 LOW | 4.4 MEDIUM |
| Improper address validation in HArx in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows an attacker, given a compromised kernel, to corrupt EL2 memory. | |||||
| CVE-2021-25338 | 2 Google, Samsung | 2 Android, Exynos 9830 | 2024-11-21 | 3.6 LOW | 4.4 MEDIUM |
| Improper memory access control in RKP in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows an attacker, given a compromised kernel, to write certain part of RKP EL2 memory region. | |||||
| CVE-2021-25335 | 2 Google, Samsung | 2 Android, One Ui | 2024-11-21 | 1.9 LOW | 2.5 LOW |
| Improper lockscreen status check in cocktailbar service in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows unauthenticated users to access hidden notification contents over the lockscreen in specific condition. | |||||
| CVE-2021-25333 | 1 Samsung | 1 Pay Mini | 2024-11-21 | 1.9 LOW | 3.2 LOW |
| Improper access control in Samsung Pay mini application prior to v4.0.14 allows unauthorized access to balance information over the lockscreen via scanning specific QR code. | |||||
| CVE-2021-25332 | 1 Samsung | 1 Pay Mini | 2024-11-21 | 1.9 LOW | 3.2 LOW |
| Improper access control in Samsung Pay mini application prior to v4.0.14 allows unauthorized access to contacts information over the lockscreen in specific condition. | |||||
| CVE-2021-25331 | 1 Samsung | 1 Pay Mini | 2024-11-21 | 1.9 LOW | 3.2 LOW |
| Improper access control in Samsung Pay mini application prior to v4.0.14 allows unauthorized access to balance information over the lockscreen in specific condition. | |||||